[ros-dev] WMF Bug / SetAbortProc
spetreolle at yahoo.fr
Mon Jan 16 15:32:12 CET 2006
Wine isnt anymore vulnerable to the WMF exploit,
its fixed in the CVS.
Next step has to be a gdi sync.
potential NULL pointer dereference:
--- M Bealby <mbealby at gmail.com> a écrit :
> In case you've had you're head in the sand recently I'm sure you must
> know about the recent WMF bug found in all recent versions of Windows.
> The vulnerable function is in SetAbortProc and can be called from a
> malicious WMF file as they include executable code by definition.
> Windows automatically runs this a WMF file when previewing /
> displaying - including from a web page!
> WINE is also vulnerable, and still is. However, from a brief look at
Sylvain Petreolle (aka Usurp)
--- --- --- --- --- --- --- --- --- --- --- --- ---
Tired of a proprietary Windows on your computer ?
Use free ReactOS instead ( http://www.reactos.org )
More information about the Ros-dev